search

yhirose / cpp-httplib

A C++ header-only HTTP/HTTPS server and client library
MIT License
12.71k stars 2.25k forks source link

Using custom certificates to make https connections #851

Closed damienhocking closed 3 years ago

damienhocking commented 3 years ago

Hi, I'm trying to connect to a RavenDB server through its REST interface. Our security on the DB requires a custom client certificate. We can connect using curl, with the keys as:

curl --cert dbkey.crt --key dbkey.key -X GET https://db.server.url:xxx/yyyy

I'm trying to do the same thing withh cpp-httplib and set_ca_cert_path(...). It's not working, I can connect with various root ca files but fail on the actual DB authentication, or if I use the dbkey.crt directly openssl fails on a user certificate.

Is there a way to set a CA file and the server key, or do I need to do something else?

yhirose commented 3 years ago

@damienhocking, I don't fully understand what you are trying to do though, --cert and --key have nothing to do with a CA file, but they are for client certificate and its private key.

You can use the 2nd constructor of Client below to set your client cert and private key:

class Client {
public:
  // Universal interface
  explicit Client(const char *scheme_host_port);

  explicit Client(const char *scheme_host_port,
                  const std::string &client_cert_path,
                  const std::string &client_key_path);

Please let me know if I misunderstand what you are doing. Thanks!

damienhocking commented 3 years ago

Ah, that might be what I need, I'm not that experienced in SSL (in case that's not already obvious...). I'll try this, if it works I'll post back and close this. Thank you.

damienhocking commented 3 years ago

Yes, this was it, it works. Thank you for the very fast help.